Cybersecurity Controls Analyst (Hybrid)

Who is Saint Louis University? Founded in 1818, Saint Louis University is one of the nation's oldest and most prestigious Catholic universities. SLU, which also has a campus in Madrid, Spain, is recognized for world-class academics, life-changing research, compassionate health care, and a strong commitment to faith and service.

JOB SUMMARY

The Cybersecurity Controls Analyst is a member of the Information Security team and is responsible for evaluating, implementing, and monitoring cybersecurity controls. This position ensures the university's compliance with internal policies and external regulatory requirements.

PRIMARY JOB RESPONSIBILITIES

• Develops, assesses and monitors cybersecurity controls across systems, applications, vendors and infrastructure

• Conducts risk assessments, controls walkthroughs, and control gap analyses to identify vulnerabilities and recommend mitigation controls-based strategies

• Collaborates with IT and business units to implement and validate security controls

• Maintains documentation of control effectiveness and remediation efforts

• Supports internal and external audits, including evidence collection and control walkthroughs

• Ensures compliance with industry standards and regulations (e.g., NIST, CIS Controls, PCI-DSS, HIPAA, FERPA, GLBA)

• Develops and maintains cybersecurity policies, procedures, and standards

• Monitors regulatory changes and emerging threats to adjust control strategies accordingly

• Assists in the development of security awareness and training programs

• Performs other duties as assigned

KNOWLEDGE, SKILLS, AND ABILITIES

• Proficiency with cybersecurity frameworks (e.g., NIST CSF, ISO 27001, COBIT) and compliance standards (e.g., HIPAA, PCI-DSS, GDPR)

• Understanding of cybersecurity principles, particularly in regulated environments

• Strong customer service orientation with the ability to communicate technical concepts to non-technical users

• Excellent documentation skills

• Attention to detail

• Strong analytical skills

• Strong problem-solving skills

• Strong organizational and time management skills

• Ability to prioritize multiple tasks

• Ability to work independently and collaboratively in a team-oriented environment

MINIMUM QUALIFICATIONS

• Bachelor's degree in cybersecurity, information technology management, computer science, or a related discipline

• Three years of experience in information technology, cybersecurity, IT audit, or risk management, preferably in an academic or research setting

• Experience with controls development and control testing methodologies

PREFERRED QUALIFICATIONS

• Experience with GRC tools

• Professional certifications such as CISA, CISSP, CRISC, or Security+

• Experience in a regulated industry (e.g., education, finance, healthcare)

• Knowledge of cloud security controls (AWS, Azure, GCP)

• Experience supporting research faculty and students in a higher education environment

Function

Scheduled Weekly Hours:

Saint Louis University is an equal opportunity/affirmative action employer. All qualified candidates will receive consideration for the position applied for without regard to race, color, religion, sex, age, national origin, disability, marital status, sexual orientation, military/veteran status, gender identity, or other non-merit factors. If accommodations are needed for completing the application and/or with the interviewing process, please contact Human Resources at 314-977-5847.